Lucene search
+L

4 matches found

Cvelist
Cvelist
added yesterday11 views

CVE-2026-13765 LearnPress <= 4.4.1 - Missing Authorization to Unauthenticated Sensitive Information Exposure via /lp/v1/users/check-answer and /start-quiz REST Endpoints

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.1 via the checkanswer. This makes it possible for unauthenticated attackers to extract the correct-answer markers...

7.5CVSS0.00388EPSS
Exploits0References14
EUVD
EUVD
added yesterday5 views

EUVD-2026-45137

The LearnPress – WordPress LMS Plugin for Create and Sell Online Courses plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 4.4.1 via the checkanswer. This makes it possible for unauthenticated attackers to extract the correct-answer markers...

7.5CVSS6AI score0.00388EPSS
Exploits0References14
CVE
CVE
added yesterday11 views

CVE-2026-13765

The CVE-2026-13765 entry concerns the LearnPress WordPress LMS Plugin (versions up to 4.4.1). The connected document indicates a root cause of Inadequate access control in REST endpoints, specifically /lp/v1/users/check-answer and /start-quiz, leading to unauthenticated Sensitive Information Expo...

7.5CVSS6AI score0.00388EPSS
Exploits0References14
Vulnrichment
Vulnrichment
added 2025/11/19 4:28 a.m.3 views

CVE-2025-12426 Quiz Maker <= 6.7.0.80 - Unauthenticated Sensitive Information Exposure

The Quiz Maker plugin for WordPress is vulnerable to Sensitive Information Exposure in all versions up to, and including, 6.7.0.80. This is due to the plugin exposing quiz answers through the aysquizcheckanswer AJAX action without proper authorization checks. The endpoint only validates a nonce,...

5.3CVSS5.4AI score0.0032EPSS
Exploits0References4
Rows per page
Query Builder